﻿//session include id(in global.asax  given by system)
//                uid
//                group

using System;
using System.Collections.Generic;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Data;
using System.Text.RegularExpressions;
using System.Web.Security;
using System.Configuration;
using System.Security.Cryptography;
using System.Text;



public partial class Login : System.Web.UI.Page
{
    //define some variables
    string Uname;
    string Passwd;
    string V_code;
    char[] code;
    //define connect example

    //dbreader, use to cache which was selected
    protected void Page_Load(object sender, EventArgs e)
    {
        MessageBox.Visible = false;
        DBaccess db = new DBaccess();
        string sql = "select announcement from mr_announcement where aid in (select MAX(aid) from mr_announcement)";
        SqlDataReader read = db.GetReader(sql);
        read.Read();
        Session["announcement"] = read.GetValue(0).ToString();
    }
    protected void MobileResourceLogin_Click(object sender, EventArgs e)
    {
        //record login info
        Uname = UserName.Text;
        Passwd = PassWord.Text;
        V_code = vcode.Text;
        V_code = V_code.ToUpper();
        //confirm login inf
            if (Uname.Length > 8)
            {
                MessageBox.Visible = true;
                MessageBox.Text = "您输入的用户名过长，请正确输入。";
                Reset();
            }
            else if (Passwd.Length > 20)
            {
                MessageBox.Visible = true;
                MessageBox.Text = "您输入的密码过长，请正确输入。";
                Reset();
            }
            else if (V_code != Session["CheckCode"].ToString())
            {
                MessageBox.Visible = true;
                MessageBox.Text = "您输入的验证码错误，请正确输入。";
                Reset();
            }
            else
            {
                Passwd = md5(Passwd);
                try
                {
                    //connect to 
                        DBaccess db = new DBaccess();
                        SqlDataReader read = db.GetReader("select count(*) from mr_member where mid='" + Uname + "'and password='" + Passwd + "'");
                        
                        if (read.Read())
                        {
                            read.Close();
                            //read the group of the user
                            DBaccess db2 = new DBaccess();
                            SqlDataReader read2 = db2.GetReader("select mid,gid from mr_member where mid='" + Uname + "'");
                            read2.Read();
                            try
                            {
                             
                                    Session["mid"] = read2.GetValue(0);
                                    Session["gid"] = read2.GetValue(1);
                                
                            }
                            catch (SqlException sqle)
                            {
                                Session["mid"] = "";
                                Session["gid"] = "";
                            }
                            finally
                            {
                                read2.Close();
                            }
                            if (RadioButton2.Checked == true && Session["gid"].ToString() =="1")
                            {
                                Response.Redirect("Teacher/Teacher.aspx");
                            }
                            else if (RadioButton1.Checked == true && Session["gid"].ToString() == "2")
                                Response.Redirect("Student/Student.aspx");
                            else if (RadioButton3.Checked == true && Session["gid"].ToString() == "3")
                                Response.Redirect("Management/Management.aspx");
                        }
                        else
                        {
                            MessageBox.Visible = true;
                            MessageBox.Text = "您输入的用户名和密码有误，请正确输入。";
                            Reset();
                        }
                    }
                    
                //error handle
                catch (SqlException sqle)
                {
                    ;
                }
                finally
                {
                    //read.Close();
                }
            }

    }

    //uname and password reg
    private int RegConfirm(string str)
    {
        String TextRegex = "^[A-Za-z0-9]+$";
        if ((Regex.IsMatch(str, TextRegex)))
        {
            return 1;
        }
        else
        {
            return 0;
        }
    }

    private void Reset()
    {
        Uname = "";
        Passwd = "";
        UserName.Text = "";
        PassWord.Text = "";
    }
    public string md5(string str)
    {
        MD5 m = new MD5CryptoServiceProvider();
        byte[] s = m.ComputeHash(UnicodeEncoding.UTF8.GetBytes(str));
        return BitConverter.ToString(s);
    }
}